List of usage examples for org.bouncycastle.asn1.x509 GeneralName directoryName
int directoryName
To view the source code for org.bouncycastle.asn1.x509 GeneralName directoryName.
Click Source Link
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * @see com.otterca.repository.util.X509CertificateBuilder#setDirectoryNames(java.lang.String) *///from ww w. ja v a 2s . co m @Override public X509CertificateBuilder setDirectoryNames(String... dirNames) { for (String name : dirNames) { subjectNames.add(new GeneralName(GeneralName.directoryName, name)); } return this; }
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * @see com.otterca.repository.util.X509CertificateBuilder#setIssuerDirectoryNames * (java.lang.String)/*from ww w. ja va 2 s . c o m*/ */ @Override public X509CertificateBuilder setIssuerDirectoryNames(String... dirNames) { for (String name : dirNames) { issuerNames.add(new GeneralName(GeneralName.directoryName, name)); } return this; }
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * @see com.otterca.common.crypto.X509CertificateBuilder#setOcspLocation(com.otterca.common.crypto.GeneralName...) */// w ww. java 2 s . com @Override public X509CertificateBuilder setOcspLocations(com.otterca.common.crypto.GeneralName<?>... names) { ocspLocations.clear(); for (com.otterca.common.crypto.GeneralName<?> name : names) { switch (name.getType()) { case DIRECTORY: ocspLocations.add(new GeneralName(GeneralName.directoryName, name.get().toString())); break; case URI: ocspLocations.add(new GeneralName(GeneralName.uniformResourceIdentifier, name.get().toString())); break; default: throw new IllegalArgumentException("unexpected type for OCSP location: " + name.getType()); } } return this; }
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * @see com.otterca.common.crypto.X509CertificateBuilder#setCaIssuersLocations(com.otterca.common.crypto.GeneralName...) *///w w w. j a v a 2 s. c om @Override public X509CertificateBuilder setCaIssuersLocations(com.otterca.common.crypto.GeneralName<?>... names) { caIssuersLocations.clear(); for (com.otterca.common.crypto.GeneralName<?> name : names) { switch (name.getType()) { case DIRECTORY: caIssuersLocations.add(new GeneralName(GeneralName.directoryName, name.get().toString())); break; case URI: caIssuersLocations .add(new GeneralName(GeneralName.uniformResourceIdentifier, name.get().toString())); break; default: throw new IllegalArgumentException("unexpected type for CA Issuer location: " + name.getType()); } } return this; }
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * @see com.otterca.common.crypto.X509CertificateBuilder#setCaRepositories(com.otterca.common.crypto.GeneralName...) *//*from w w w . ja v a 2 s .co m*/ @Override public X509CertificateBuilder setCaRepositories(com.otterca.common.crypto.GeneralName<?>... names) { caRepositories.clear(); for (com.otterca.common.crypto.GeneralName<?> name : names) { switch (name.getType()) { case DIRECTORY: caRepositories.add(new GeneralName(GeneralName.directoryName, name.get().toString())); break; case URI: caRepositories.add(new GeneralName(GeneralName.uniformResourceIdentifier, name.get().toString())); break; default: throw new IllegalArgumentException("unexpected type for CA repository: " + name.getType()); } } return this; }
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/** * Set Authority Key Identifier (RFC3280 4.2.1.1) * //w ww . ja v a 2 s .c o m * @throws InvalidKeyException * @throws CertificateParsingException */ protected final void setAKID() throws InvalidKeyException, CertificateParsingException { if (issuer != null) { // signed certificates AuthorityKeyIdentifierStructure akis = new AuthorityKeyIdentifierStructure(issuer); generator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, akis); } else { // self-signed certificates since we already require subjectDN = // issuerDN GeneralNames issuerName = new GeneralNames(new GeneralName(GeneralName.directoryName, issuerDN)); AuthorityKeyIdentifier akis = new AuthorityKeyIdentifierStructure(pubkey); akis = new AuthorityKeyIdentifier(akis.getKeyIdentifier(), issuerName, serialNumber); generator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, akis); } }
From source file:com.yacme.ext.oxsit.cust_it.security.crl.X509CertRL.java
License:Open Source License
private static String decodeAGeneralName(GeneralName genName) throws IOException { switch (genName.getTagNo()) { //only URI are used here, the other protocols are ignored case GeneralName.uniformResourceIdentifier: return ((DERString) genName.getName()).getString(); case GeneralName.ediPartyName: case GeneralName.x400Address: case GeneralName.otherName: case GeneralName.directoryName: case GeneralName.dNSName: case GeneralName.rfc822Name: case GeneralName.registeredID: case GeneralName.iPAddress: break;/*from w w w .j a va 2 s. c o m*/ default: throw new IOException("Bad tag number: " + genName.getTagNo()); } return null; }
From source file:de.mendelson.util.security.cert.KeystoreCertificate.java
/** * Converts the tag no of a general name to a human readable value *//* w w w.j a va 2s. co m*/ private String generalNameTagNoToString(GeneralName name) { if (name.getTagNo() == GeneralName.dNSName) { return ("DNS name"); } if (name.getTagNo() == GeneralName.directoryName) { return ("Directory name"); } if (name.getTagNo() == GeneralName.ediPartyName) { return ("EDI party name"); } if (name.getTagNo() == GeneralName.iPAddress) { return ("IP address"); } if (name.getTagNo() == GeneralName.otherName) { return ("Other name"); } if (name.getTagNo() == GeneralName.registeredID) { return ("Registered ID"); } if (name.getTagNo() == GeneralName.rfc822Name) { return ("RFC822 name"); } if (name.getTagNo() == GeneralName.uniformResourceIdentifier) { return ("URI"); } if (name.getTagNo() == GeneralName.x400Address) { return ("x.400 address"); } return (""); }
From source file:eu.emi.security.authn.x509.helpers.pkipath.bc.RFC3280CertPathUtilitiesHelper.java
License:Open Source License
/** * Checks a certificate if it is revoked. * /*from w w w .ja v a2 s .c o m*/ * @param paramsPKIX PKIX parameters. * @param cert Certificate to check if it is revoked. * @param validDate The date when the certificate revocation status * should be checked. * @param sign The issuer certificate of the certificate * <code>cert</code>. * @param workingPublicKey The public key of the issuer certificate * <code>sign</code>. * @param certPathCerts The certificates of the certification path. * @throws AnnotatedException if the certificate is revoked or the * status cannot be checked or some error occurs. */ protected static void checkCRLs2(ExtPKIXParameters paramsPKIX, X509Certificate cert, Date validDate, X509Certificate sign, PublicKey workingPublicKey, List<?> certPathCerts) throws SimpleValidationErrorException { SimpleValidationErrorException lastException = null; CRLDistPoint crldp = null; try { crldp = CRLDistPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS)); } catch (Exception e) { throw new SimpleValidationErrorException(ValidationErrorCode.crlDistPtExtError, e); } try { CertPathValidatorUtilities.addAdditionalStoresFromCRLDistributionPoint(crldp, paramsPKIX); } catch (AnnotatedException e) { throw new SimpleValidationErrorException(ValidationErrorCode.crlDistPtExtError, e); } CertStatus certStatus = new CertStatus(); ReasonsMask reasonsMask = new ReasonsMask(); boolean validCrlFound = false; // for each distribution point if (crldp != null) { DistributionPoint dps[] = null; try { dps = crldp.getDistributionPoints(); } catch (Exception e) { throw new SimpleValidationErrorException(ValidationErrorCode.crlDistPtExtError, e); } if (dps != null) { for (int i = 0; i < dps.length && certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons(); i++) { ExtendedPKIXParameters paramsPKIXClone = (ExtendedPKIXParameters) paramsPKIX.clone(); try { checkCRL(dps[i], paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts); validCrlFound = true; } catch (SimpleValidationErrorException e) { lastException = e; } } } } /* * If the revocation status has not been determined, repeat the * process above with any available CRLs not specified in a * distribution point but issued by the certificate issuer. */ if (certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons()) { try { /* * assume a DP with both the reasons and the * cRLIssuer fields omitted and a distribution * point name of the certificate issuer. */ ASN1Primitive issuer = null; try { issuer = new ASN1InputStream( CertPathValidatorUtilities.getEncodedIssuerPrincipal(cert).getEncoded()).readObject(); } catch (Exception e) { throw new SimpleValidationErrorException(ValidationErrorCode.crlIssuerException, e); } DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames(new GeneralName(GeneralName.directoryName, issuer))), null, null); ExtendedPKIXParameters paramsPKIXClone = (ExtendedPKIXParameters) paramsPKIX.clone(); checkCRL(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts); validCrlFound = true; } catch (SimpleValidationErrorException e) { lastException = e; } } if (!validCrlFound) throw lastException; if (certStatus.getCertStatus() != CertStatus.UNREVOKED) { throw new SimpleValidationErrorException(ValidationErrorCode.certRevoked, new TrustedInput(certStatus.getRevocationDate()), crlReasons[certStatus.getCertStatus()]); } if (!reasonsMask.isAllReasons() && certStatus.getCertStatus() == CertStatus.UNREVOKED) { certStatus.setCertStatus(CertStatus.UNDETERMINED); } if (certStatus.getCertStatus() == CertStatus.UNDETERMINED) { throw new SimpleValidationErrorException(ValidationErrorCode.noValidCrlFound); } }
From source file:gui.ExtensionsPopup.java
private void addIssuerAltNameButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_addIssuerAltNameButtonActionPerformed String extension = issuerAltNameTextField.getText(); issuerAltNameTextField.setText(""); if (!extension.isEmpty()) { String extName = (String) issuerAltNameComboBox.getSelectedItem(); try {//w w w. java 2s. c o m switch (extName) { case "Other Name": generalNamesBuilder.addName(new GeneralName(GeneralName.otherName, extension)); break; case "RFC822 Name": generalNamesBuilder.addName(new GeneralName(GeneralName.rfc822Name, extension)); break; case "DNS Name": generalNamesBuilder.addName(new GeneralName(GeneralName.dNSName, extension)); break; case "x400 Address": generalNamesBuilder.addName(new GeneralName(GeneralName.x400Address, extension)); break; case "Directory Name": generalNamesBuilder .addName(new GeneralName(GeneralName.directoryName, new X500Name(extension))); break; case "EDI Party Name": generalNamesBuilder.addName(new GeneralName(GeneralName.ediPartyName, extension)); break; case "URI": generalNamesBuilder.addName(new GeneralName(GeneralName.uniformResourceIdentifier, extension)); break; case "IP Address": generalNamesBuilder.addName(new GeneralName(GeneralName.iPAddress, extension)); break; case "Registered ID": generalNamesBuilder.addName(new GeneralName(GeneralName.registeredID, extension)); break; } } catch (Exception e) { JOptionPane.showMessageDialog(this, Errors.EXTENSION_INVALID_FORMAT, "Error", JOptionPane.ERROR_MESSAGE); return; } issuerAltNameTextArea.append(extName + ": " + extension + "\n"); } }